>Number: 3303 >Category: mod_cgi >Synopsis: HTTP_USER not on the enviroment for protected CGI's >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Oct 28 00:50:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.1 >Environment: SunOS axil 5.5 Generic sun4m sparc Gcc 2.7.8 SSL + PHP3 + Frontpage >Description: Since I upgraded to 1.3.1 I noticed that the enviroment var HTTP_USER is not on my CGI's env. Those CGI's are protected in access.conf and username/password are asked to access it. With 1.2.6 all worked ok (same config). >How-To-Repeat:
>Fix: Some way to force HTTP_USER to be in the env, or check carefully that the CGI (or path the CGI is in) needs auth. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
